02/15/07 - USPTO Class 726 | #20070039056

Multi-level sequence number based lazy invalidation

USPTO Application #: 20070039056
Title: Multi-level sequence number based lazy invalidation
Abstract: A multi-level sequence number is associated with a data provider supplying data for an object. The multi-level sequence number includes a portion that is unique to the data provider, and one or more portions that are shared by other data providers for the object. A per-object table is used to cache data supplied by each data provider for the object and the corresponding multi-level sequence number. A global table associates each data provider with the current value of its multi-level sequence number. Whenever data supplied by a data provider changes, the sequence number in the global table is updated. Cached data of the data provider is updated with current data of the data provider only if the cached value of the sequence number is found to be different from the current value of the sequence number.



Agent: Christensen, O'Connor, Johnson, Kindness, PLLC - Seattle, WA, US
Inventors: John Austin Rector, Eric Li
USPTO Application #: 20070039056 - Class: 726026000 (USPTO)

Related Patent Categories: Information Security, Prevention Of Unauthorized Use Of Data Including Prevention Of Piracy, Privacy Violations, Or Unauthorized Data Modification

Multi-level sequence number based lazy invalidation description/claims


The Patent Description & Claims data below is from USPTO Patent Application 20070039056, Multi-level sequence number based lazy invalidation.


BACKGROUND

[0001] Nowadays, a computing system usually includes objects of various forms, such as events, files, I/O completion ports, directories, devices, drivers, stream file objects, etc. Different components in the computing system may try to recognize an object based on attributes associated with the object. A component can be an application program or a unit of an operating system. For example, if the object is a file, a word processing program in the computing system may use the file path to identify the file. The components then may want to understand what data or metadata are associated with the object. For example, the exemplary file may be associated with various metadata such as policies. The policies can include "not allowing the file to run if it is an executable," "running the file in the same directory," "giving the file certain privileges," "allowing the file to run at certain times of the day," or "running the file as a different user," etc. Data such as the policies enable a component to understand what actions the component can perform with the object.

[0002] Data such as the exemplary policies mentioned above may be supplied by different sources, i.e., data providers. An object may have many data providers supplying data for the object and the data may change from time to time. Operationally, a computing system may cache the data to improve system performance. A version number, also called a sequence number, may be attached to the data supplied by a specific data provider. Whenever the data supplied by the data provider changes, the sequence number changes, e.g., in increments, to indicate a new version of the data. The sequence number may be cached along with the data. The cached sequence number can be used to validate whether the data in the cache is the current version of the data. For example, if the cached sequence number indicates that the cached data is version 5, and the data provider currently has an updated version, e.g., version 7 of the data, then the cached data is invalid. The computing system can then request the data provider to supply the current version of the data. Such use of the sequence number saves computing time, because the computing system does not have to traverse all objects that have cached the data supplied by the data provider to invalidate the outdated data. Invalidation occurs only when the cached data for the object is requested.

[0003] However, the use of sequence numbers may consume too much memory space. For example, the exemplary file object may have thirty data providers supplying data for the file object. The thirty cached sequence numbers consume a specific amount of cache space. A computing system may contain thousands of such objects. Their cached sequence numbers may thus use a large amount of cache space that can otherwise be used to cache more data. Therefore, it is desirable to reduce the size of a sequence number so as to reduce the cache space the sequence number consumes and, therefore, to enable more data to be cached for an object.

[0004] More importantly, in recent years, spoofing and impersonation software attacks have increased substantially. Such attacks may force a data provider to update its data at such a frequency that the associated sequence number rolls over. For instance, assume that the cached sequence number indicates version 5. Under a roll-over attack, the sequence number associated with the data provider may be updated so many times that it returns to version 5. As a result, the computing system erroneously assumes that the data supplied by the provider has not been changed, since the cached sequence number is the same as the sequence number that is currently associated with the data provider. Therefore, it is desirable to provide a mechanism to prevent such roll-over attacks.

SUMMARY

[0005] This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This summary is not intended to identify key features of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.

[0006] Embodiments of the invention address the above-identified problems by providing a system, a computer-implemented method, and a computer-readable medium for associating with each data provider a multi-level sequence number. Associating a multi-level sequence number with a data provider reduces the memory space that a sequence number can consume and effectively prevents possible roll-over attacks.

[0007] One aspect of the invention provides a system that includes at least one object and at least one data provider supplying data for the object. Each data provider is identified with a multi-level sequence number. The system further includes a cache maintaining a table for each object in the system. The table, called the per-object table, caches the multi-level sequence number ("cached sequence number") and the data ("cached data") for each data provider supplying data for the object. The system further includes a global table that associates each data provider with the current value of its multi-level sequence number ("current sequence number"). Once the data supplied by a data provider changes, the corresponding current sequence number in the global table is updated automatically.

[0008] In accordance with another aspect of the invention, when an object needs to obtain data supplied by a data provider, the cached sequence number of the data provider is compared with the current sequence number of the data provider. If the two numbers match, the cached data of the data provider is current. If the two numbers do not match, the cached data is outdated and the data provider is invoked to provide current data. The data provider updates the cached data with the current data and the cached sequence number with the current sequence number.

[0009] In accordance with a further aspect of the invention, the multi-level sequence number associated with a data provider is divided into multiple portions or levels. The sequence number includes a portion that is unique to the data provider ("provider-specific portion"). The sequence number further includes at least one portion that is shared by at least another sequence number identifying another data provider for the object ("common portion"). Consequently, the cached sequence number and the current sequence number match only if their corresponding provider-specific portions match and their corresponding common portions match.

[0010] In summary, aspects of the invention enable efficient use of memory space and prevent roll-over attacks by associating a multi-level sequence number to a data provider supplying data for an object. The invention also saves system computing time because cached data are invalidated and updated only when being requested.

DESCRIPTION OF THE DRAWINGS

[0011] The foregoing aspects and many of the attendant advantages of this invention will become more readily appreciated as the same become better understood by reference to the following detailed description, when taken in conjunction with the accompanying drawings, wherein:

[0012] FIG. 1 is a block diagram illustrating a system for implementing aspects of the invention;

[0013] FIGS. 2A-2B are block diagrams illustrating one implementation of a sequence number, wherein the sequence number is divided into a provider-specific portion and a common portion;

[0014] FIGS. 3A-3B are block diagrams illustrating another implementation of a sequence number, wherein the sequence number includes a provider-specific portion and a multi-level common portion;

[0015] FIG. 4 is a flow diagram illustrating an exemplary process for supplying, upon request, metadata supplied by a metadata provider; and

[0016] FIG. 5 is a flow diagram illustrating an exemplary routine for comparing the cached value and the current value of a provider's multi-level sequence number, suitable for use in FIG. 4.

DETAILED DESCRIPTION

[0017] FIG. 1 is a block diagram illustrating an exemplary system 100 for implementing aspects of the invention in accordance with an embodiment of the invention. The system 100 includes at least one object 110, at least one component 130, and a metadata cache 140. The system 100 also includes multiple metadata providers 150-1 . . . 150-n supplying data for the object 110. Each of the metadata providers 150-1 . . . 150-n is associated with a multi-level sequence number whose value changes if the data supplied by the metadata provider changes.

[0018] The system 100 further includes a per-object table 160 that caches data supplied by the metadata providers 150-1 . . . 150-n for the object 110 and the corresponding sequence numbers. The system 100 further includes a global sequence number table 170 containing current values of the sequence numbers. Whenever a metadata provider updates its metadata, the value of the corresponding sequence number in the global sequence number table 170 is updated as well. A sequence number for a data provider from the per-object table may be compared with the data provider's current sequence number from the global sequence number table 170 to determine if the metadata cached in the per-object table 160 is current or the data provider needs to be invoked to provide current metadata for the object 110.

[0019] The component 130 may be any component in a computing system that tries to recognize the object 110 and to understand what data such as metadata are associated with the object 110. The object 110 may be associated with data supplied by different data providers such as the metadata providers 150-1 . . . 150-n.

[0020] In embodiments of the invention, the metadata cache 140 stores metadata associated with the object 110 in the per-object table 160. As shown in FIG. 1, the per-object table 160 includes a metadata provider column 162, a sequence number column 164, and a metadata column 166. The metadata provider column 162 lists the metadata providers 150-1 . . . 150-n (e.g., provider 1, provider 2, . . . , provider N). The sequence number column 164 caches the sequence numbers ("cached sequence numbers") associated with the metadata providers 150-1 . . . 150-n. The metadata column 166 caches metadata ("cached data") supplied by the metadata providers 150-1 . . . 150-n for the object 110.
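
The per-object table, global sequence number table and lazy comparison described above can be sketched as follows; this is an added illustration, not code from the patent application. The 8-bit provider-specific width, all class and function names, storing the common portion once per object, and the rule that a wrap of the provider-specific portion increments the common portion are assumptions that this excerpt does not spell out.

```python
SPECIFIC_BITS = 8                        # assumed width of the provider-specific portion
WRAP = 1 << SPECIFIC_BITS

class GlobalTable:
    """Current sequence numbers: one shared common portion plus a small per-provider portion."""
    def __init__(self, providers, carry=True):
        self.common = 0                  # shared by every provider (kept wide in practice)
        self.specific = dict.fromkeys(providers, 0)
        self.carry = carry               # False models a plain single-level wrapping counter

    def data_changed(self, provider):
        """Called whenever the provider's data changes."""
        self.specific[provider] = (self.specific[provider] + 1) % WRAP
        if self.specific[provider] == 0 and self.carry:
            self.common += 1             # assumed carry rule: a wrap bumps the common portion

class PerObjectTable:
    """Per-object cache: the common portion stored once, then provider -> (specific, data)."""
    def __init__(self, table, fetch):
        self.table, self.fetch = table, fetch
        self.cached_common = table.common
        self.rows = {}
        self.refreshes = 0

    def get(self, provider):
        if self.cached_common != self.table.common:
            self.rows.clear()            # common portions differ: no cached row can match
            self.cached_common = self.table.common
        current = self.table.specific[provider]
        row = self.rows.get(provider)
        if row is None or row[0] != current:
            # Lazy invalidation: refresh only now, when the data is actually requested.
            row = self.rows[provider] = (current, self.fetch(provider))
            self.refreshes += 1
        return row[1]

def rollover_demo(carry):
    """Cache a policy, change it WRAP times, and report what the cache then serves."""
    policy = {"p1": "allow"}             # constructed sample data
    table = GlobalTable(["p1", "p2"], carry=carry)
    cache = PerObjectTable(table, lambda p: policy.get(p))
    cache.get("p1")                      # caches "allow" at provider-specific portion 0
    for _ in range(WRAP):                # constructed burst of WRAP updates
        table.data_changed("p1")
    policy["p1"] = "deny"                # the provider's data is now different
    return cache.get("p1")

if __name__ == "__main__":
    print("single-level:", rollover_demo(carry=False))
    print("multi-level: ", rollover_demo(carry=True))
```

With `carry=False` the counter returns to its cached value and the stale policy is served; with the common portion in play the cached and current numbers no longer match, so the provider is invoked again.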
